cf28f3d39fd78d020df13df413696d19_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

cf28f3d39fd78d020df13df413696d19_JaffaCakes118
Size

348KB
MD5

cf28f3d39fd78d020df13df413696d19
SHA1

4f4a343ef2e46481183795b3b2c6a3a1a0f65e20
SHA256

47d6addd48e4d3075d98ef0852591dc95020f76355a437622c0598a2767dd81c
SHA512

68672ca7402bddff708656a34d34514dcbc06656dc1413307beaa6e635ff0ea89967c28237427eea1d51040b8c7add86c5c575136b2020aedaba178ac70e3904
SSDEEP

6144:jf88mV0bMZUby0d33/UsfV166Q8YEy6mCegOXRcVjSTVA1lLMF:DbU0bMuR3BfjXBNYgOX6VWTqfoF

Score

1^/10

Malware Config

Signatures

Files

cf28f3d39fd78d020df13df413696d19_JaffaCakes118
.exe windows:4 windows x86 arch:x86

002f5e1bbbc4e640ebc11237624a63b8

Code Sign

3c:d0:25:34:2c:b5:16:43:bf:2b:3d:69:6d:74:c5:29
Certificate

Issuer

CN=Root Agency

Not Before

19-12-2011 13:24

Not After

13-08-2013 22:00

Subject

CN=Benert

e2:14:13:eb:69:8d:d3:55:06:d1:ef:0f:5a:94:12:ef:c5:29:ec:c0
Signer

Actual PE Digest

e2:14:13:eb:69:8d:d3:55:06:d1:ef:0f:5a:94:12:ef:c5:29:ec:c0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DialogBoxIndirectParamA
GetWindowTextA
GetWindow
IsWindow
EnumChildWindows

ole32

OleGetIconOfClass
CoFreeAllLibraries
CoMarshalHresult
CoRevokeClassObject
CoGetStdMarshalEx

oleaut32

RegisterTypeLi
QueryPathOfRegTypeLi

advapi32

RegSetValueA

kernel32

GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
LoadLibraryA
FreeEnvironmentStringsA
IsBadStringPtrA
GlobalReAlloc
GetProfileIntA
GetModuleHandleA
GetProcAddress
ExitProcess
InterlockedDecrement
InterlockedIncrement
GetStartupInfoA
GetCommandLineA
GetVersion
MultiByteToWideChar
GetCPInfo
CompareStringA
CompareStringW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
HeapAlloc

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 510KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bqxv
Size: 220KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jltit
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

002f5e1bbbc4e640ebc11237624a63b8

Code Sign

3c:d0:25:34:2c:b5:16:43:bf:2b:3d:69:6d:74:c5:29Certificate

e2:14:13:eb:69:8d:d3:55:06:d1:ef:0f:5a:94:12:ef:c5:29:ec:c0Signer

Headers

File Characteristics

Imports

user32

ole32

oleaut32

advapi32

kernel32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 7KB - Virtual size: 510KB

.bqxv Size: 220KB - Virtual size: 219KB

.jltit Size: 78KB - Virtual size: 77KB

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 5KB - Virtual size: 5KB

3c:d0:25:34:2c:b5:16:43:bf:2b:3d:69:6d:74:c5:29
Certificate

e2:14:13:eb:69:8d:d3:55:06:d1:ef:0f:5a:94:12:ef:c5:29:ec:c0
Signer

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 7KB - Virtual size: 510KB

.bqxv
Size: 220KB - Virtual size: 219KB

.jltit
Size: 78KB - Virtual size: 77KB

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 5KB - Virtual size: 5KB